Components | All | New | MacOS | Windows | Linux | iOS | ||||
Examples | Mac & Win | Server | Client | Guides | Statistic | FMM | Blog | Deprecated | Old |
Encryption.Cipher
Encrypts or decrypts of a value.
Component | Version | macOS | Windows | Linux | Server | iOS SDK |
Encryption | 4.1 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes |
Parameters
Parameter | Description | Example | Flags |
---|---|---|---|
Direction | Whether to encrypt or decrypt. Pass encrypt or decrypt. | "encrypt" | |
Algorithm | Which algorithm to use. Can be for example RC2, blowfish, AES128, AES192, AES256. | "AES-128-CFB" | |
KeyType | The type of input for key. Can be Text, Container, Image, Path, PDF, Data, base64 or Hex. |
"Text" | |
KeyData | The actual input data for the key. Text, container or file path. Must not be longer than the maximum key length of the given algorithm. If key is too short, we pad it with zero bytes. If the key is text, please check what type of line ending you use and whether to trim the key. For short keys, we may fill them up with zeros to default/minimum length. |
"Hello World" | |
KeyEncoding | The text encoding for text input. Parameter is ignored for other cases. Possible encoding names: ANSI, ISO-8859-1, Latin1, Mac, Native, UTF-8, DOS, Hex, Base64 or Windows. More listed in the FAQ. |
"UTF-8" | |
InputType | The type of input. Can be Text, Container, Image, Path, PDF, Data, base64 or Hex. |
"Text" | |
InputData | The actual input data. Text, container or file path. |
"Hello World" | |
InputEncoding | The text encoding for text input. Parameter is ignored for other cases. Possible encoding names: ANSI, ISO-8859-1, Latin1, Mac, Native, UTF-8, DOS, Hex, Base64 or Windows. More listed in the FAQ. |
"UTF-8" | |
OutputType | The output type. Can be Base64, Hex, Text, File, Path. Can be Auto in plugin version 7.3 to detect type for container from OutputInfo parameter. Added Base64URL as option for plugin version 10.3. |
"Hex" | |
OutputInfo | The addition info for output. For text it is the text encoding, for file container the file name and for path the actual native file path. |
"" | Optional |
IVType | The type of input. Can be Text, Container, Image, Path, PDF, Data, base64 or Hex. In version 6.0 and newer you can pass Input here to take IV from input data. |
"Text" | Optional |
IVData | The actual input data for the IV. Text, container or file path. Must not be longer than the maximum IV length of the given algorithm. If IV is too short, we pad it with zero bytes. |
"Hello World" | Optional |
IVEncoding | The text encoding for text input. Parameter is ignored for other cases. Possible encoding names: ANSI, ISO-8859-1, Latin1, Mac, Native, UTF-8, DOS, Hex, Base64 or Windows. More listed in the FAQ. |
"UTF-8" | Optional |
Padding | Whether to use padding. Pass 1 to enable padding (default). Pass 0 to disable. |
0 | Optional |
Result
Returns encrypted/decrypted value or text.
Description
Encrypts or decrypts of a value.Input can be one of different types:
- Text, you pass "text", your text and the text encoding. If no or invalid encoding name is passed, the native one is used. The encoding can be one of the following strings: ansi, windows, mac, latin1, utf8, dos or native.
- PDF, you pass the container with the PDF file inside.
- Image, you pass the container with an image file.
- Data, you pass container and plugin looks for the file data inside.
- Hex, you pass a hex encoded text.
- Base64, you pass a base64 encoded text.
- Path, you pass the file path to a file to read.
- Container, you pass a container which is serialized with all its content.
- JPEG, a container with a JPEG image.
- GIF, a container with a GIF image.
- TIFF, a container with a TIFF image.
- PNG, a container with a PNG image.
- Text, we return the data as text in the encoding. This is not recommended for encrypted data. OutputInfo parameter is text encoding.
- Base64, the data is returned as base64 encoded text.
- Hex, the data is returned as hex encoded text.
- File, the data is returned as a container value with a file inside containing the data. OutputInfo parameter is the filename to be stored in the container value.
- Path, the data is written to a file. In the OutputInfo parameter you provide a native file path.
- Container, the data is unpacked as a container value (serialized container).
- GIF, the data is returned as a container with GIF image inside.
- TIFF, the data is returned as a container with TIFF image inside.
- JPEG, the data is returned as a container with JPEG image inside.
- PNG, the data is returned as a container with PNG image inside.
- PDF, the data is returned as a container with PDF document inside.
- Auto, only for returning data and detecting type by provided file name. (new in 7.3)
Possible ciphers:
AES-128-CFB, BF-CBC, BF-CFB, BF-ECB, BF-OFB, AES-128-CBC, id-aes128-CCM, AES-128-CFB1, AES-128-CFB8, AES-128-CTR, AES-128-ECB, id-aes128-GCM, AES-128-OFB, AES-128-XTS, AES-192-CBC, id-aes192-CCM, AES-192-CFB1, AES-192-CFB8, AES-192-CFB, AES-192-CTR, AES-192-ECB, id-aes192-GCM, AES-192-OFB, AES-256-CBC, id-aes256-CCM, AES-256-CFB1, AES-256-CFB8, AES-256-CFB, AES-256-CTR, AES-256-ECB, id-aes256-GCM, AES-256-OFB, AES-256-XTS, CAMELLIA-128-CBC, CAMELLIA-128-CFB1, CAMELLIA-128-CFB8, CAMELLIA-128-CFB, CAMELLIA-128-ECB, CAMELLIA-128-OFB, CAMELLIA-192-CBC, CAMELLIA-192-CFB1, CAMELLIA-192-CFB8, CAMELLIA-192-CFB, CAMELLIA-192-ECB, CAMELLIA-192-OFB, CAMELLIA-256-CBC, CAMELLIA-256-CFB1, CAMELLIA-256-CFB8, CAMELLIA-256-CFB, CAMELLIA-256-ECB, CAMELLIA-256-OFB, CAST5-CBC, CAST5-CFB, CAST5-ECB, CAST5-OFB, DES-EDE, DES-EDE-CBC, DES-EDE-CFB, DES-EDE, DES-EDE-OFB, DES-EDE3, DES-EDE3-CBC, DES-EDE3-CFB1, DES-EDE3-CFB8, DES-EDE3-CFB, DES-EDE3, DES-EDE3-OFB, RC2-40-CBC, RC2-64-CBC, RC2-CBC, RC2-CFB, RC2-ECB, RC2-OFB, RC4, RC4-40, RC4-HMAC-MD5, IDEA-CFB, IDEA-ECB, IDEA-OFB, IDEA-CBC, DES-CFB1, DES-CFB8, DES-CFB, DES-OFB, DES-ECB, DES-CBC or DESX-CBC.
Please use right key length. For AES 128bit you need a 128 bit key, which means 16 bytes length. For AES 256 you need a 32byte long key. Recommended way is to use a hash function like SHA 256 to get a hashed version of your password plus some extra text as salt. For 128bit, you can simply use first half of SHA 256.
Version 7.3 reports an error if key size doesn’t match. Keys and IV are extended with NULL bytes to reach minimum size if needed.
For PDF content: If you have a DynaPDF Pro license and DynaPDF functions initialized, this function can add previews for the PDF file on Windows and Linux. For MacOS, we make them with PDFKit.
Examples
Encrypts some text with AES:
MBS( "Encryption.Cipher"; "encrypt"; "AES-128-CFB"; "Text"; "Test Key 1234567"; "UTF-8"; "Text"; "Hello World"; "UTF-8"; "Hex"; "" )
Example result: 2A04C546B09FF53B0039D6
Encrypts a container:
MBS( "Encryption.Cipher"; "encrypt"; "AES-256-ECB"; "Hex"; "1234567812345678123456781234567812345678123456781234567812345678"; ""; "Container"; MyTable::MyContainer; ""; "Hex"; "" )
Encrypt and decrypt:
# encrypt something
$r = MBS("Encryption.Cipher"; "encrypt"; "AES-128-CFB"; "Text"; "Secret"; "UTF-8"; "Text"; "Input Text"; "UTF-8"; "Hex"; "" )
# returns "C577EC9EBE28B1F4E1FD"
# and backward
$r = MBS("Encryption.Cipher"; "decrypt"; "AES-128-CFB"; "Text"; "Secret"; "UTF-8"; "Hex"; "C577EC9EBE28B1F4E1FD"; ""; "Text"; "UTF-8" )
Encrypt with AES 256bit Counter (CTR) mode:
# Make a 256 bit key with a hash
Set Variable [$hash; Value:MBS( "Hash.Digest"; "SHA256"; "Text"; "My Secret Password"; "UTF-8"; "Hex" )]
# now encrypt some text
Set Variable [$encrypted; Value:MBS( "Encryption.Cipher"; "encrypt"; "AES-256-CTR"; "Hex"; $hash; ""; "Text"; "Hello World"; "UTF-8"; "Hex"; "" )]
# and show encrypted text
Show Custom Dialog [$encrypted]
Encrypt Umsatzzähler für Registrierkasse mit AES ICM/CTR:
MBS( "Encryption.Cipher"; "encrypt"; "AES-128-CTR"; "TEXT"; $Schlüssel; "UTF-8"; "Hex"; $KodierterUmsatzzählers; ""; "Hex"; ""; "Text"; $Kassenidentifikationsnummer & $Belegnummer; "UTF-8" )
Decrypt Blowfish ECB:
MBS( "Encryption.Cipher"; "decrypt"; "bf-ecb"; "TEXT"; "strunzhasensalat"; "UTF-8"; "base64"; "TkfrFBRE0pkp3lzEX7YibCVnz+S79ckp"; ""; "Text"; "UTF-8" )
Example result: Ölüberschußländer
See also
- Encryption.CipherNames
- Encryption.DecryptAES
- Encryption.DecryptBlowfish
- Encryption.DecryptContainerAES
- Encryption.EncryptAES
- Encryption.EncryptContainerAES
- Encryption.EncryptContainerBlowfish
- Hash.Digest
- RSA.EncryptPrivateKey
- RSA.GeneratePrivateKey
Release notes
- Version 13.3
- Fixed an issue with variable length keys in Encryption.Cipher function.
- Version 10.3
- Added Base64URL as output option for RSA.Sign, CURL.ReceiveData, Files.ReadFile, Hash.DigestFile, Hash.Digest, Encryption.Cipher and for other functions as text encoding parameter.
- Version 10.0
- Fixed a bug with Encryption.Cipher function when key contained char(10).
- Version 9.5
- Changed Encryption.Cipher to not report no error as error.
- Version 9.4
- Added error check to Encryption.Cipher to report if de/encryption fails instead of silently return no or garbage data.
- Version 8.5
- Added Encryption.CipherNames and Encryption.DigestNames functions.
- Version 7.3
- Added new mode to Encryption.Cipher with type "auto" for returning container data and detect type based on a given filename.
- Fixed bug with Encryption.Cipher to better handle longer keys (e.g. blowfish with up to 64 bytes) and invalid key lengths.
Example Databases
- Encryption and Hash/AES with PHP/AES with PHP
- Encryption and Hash/Encryption Cipher
- Third Party/FileMaker Snippet Storage
Blog Entries
- MBS FileMaker Plugin, version 13.3pr4
- MBS FileMaker Plugin, version 13.3pr3
- MBS FileMaker Plugin, version 10.3pr1
- MBS FileMaker Plugin, version 9.6pr4
- MBS FileMaker Plugin, version 9.5pr5
- MBS FileMaker Plugin, version 9.4pr3
- Comparing Base Elements Plugin to MBS FileMaker Plugin
- MBS FileMaker Plugin, version 7.3pr2
- AES in FileMaker and PHP
- New universal Hash and Encrypt functions for MBS FileMaker Plugin
This function checks for a license.
Created 18th August 2014, last changed 17th June 2023